package com.itzb.asone.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;

import org.apache.log4j.Logger;

import com.itzb.asone.application.AppContext;
import com.itzb.asone.application.ApplicationResourceInfo;
import com.itzb.asone.application.ApplicationUserInfo;
import com.itzb.asone.constant.SystemConstant;
import com.itzb.asone.system.model.SysGroup;
import com.itzb.asone.system.model.SysUser;

public class UserLoginFilter implements Filter {
	private Logger logger = Logger.getLogger(getClass());


	public void init(FilterConfig filterConfig) throws ServletException {
		
	}

	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		HttpServletRequest httpRequest = (HttpServletRequest) request;
		String url = httpRequest.getRequestURI();
		ApplicationResourceInfo ari = (ApplicationResourceInfo)httpRequest.getSession(true).getAttribute(SystemConstant.USER_RESOURCE);
		Cookie[] cookies = httpRequest.getCookies();
		if (null != cookies) {
			for (Cookie cookie : cookies) {
				if(SystemConstant.USER_COOKIE_NAME.equals(cookie.getName())){
					String cookieVal = cookie.getValue();
					//判断菜单是否失效
					if(ari == null){
						String userId = cookieVal.split("_")[0];
						SysUser sysUser = AppContext.getUserByUserId(userId);
						SysGroup sysGroup = AppContext.getGroupByUserId(userId);
						ApplicationResourceInfo resourceInfo =  AppContext.getUserResource(sysUser,url,httpRequest);
						ApplicationUserInfo userInfo = new ApplicationUserInfo(sysUser,sysGroup);
						httpRequest.getSession(true).setAttribute(SystemConstant.USER_RESOURCE,resourceInfo);
						httpRequest.getSession(true).setAttribute(SystemConstant.USER_INFO, userInfo);
						//该菜单是否有权限
						if(
								AppContext.getUserResourceObj(sysUser, url) &&
								!AppContext.getUserResourceAuth(sysUser, url)
						){
							logger.error("The user does not have access to this menu。userName：" + sysUser.getUserName() +"    url：" + url);
							RequestDispatcher rd=request.getRequestDispatcher("/system/main");
					        rd.forward(request, response);
					        return;
						}
						
					}
					ApplicationUserInfo userInfo = (ApplicationUserInfo)httpRequest.getSession(true).getAttribute(SystemConstant.USER_INFO);
					SysUser sysUser = new SysUser();
					sysUser.setId(userInfo.getUserId());
					sysUser.setUserName(userInfo.getUserName());
					if(
							AppContext.getUserResourceObj(sysUser, url) &&
							!AppContext.getUserResourceAuth(sysUser, url) &&
							url.indexOf("/login.jsp") < 0 &&
							url.indexOf("/login") < 0 &&
							url.indexOf("/logout") < 0 &&
							url.indexOf("/userLogin") < 0 &&
							url.indexOf("/static") < 0
							
					){
						logger.error("The user does not have access to this menu。userName：" + sysUser.getUserName() +"    url：" + url);
						RequestDispatcher rd=request.getRequestDispatcher("/system/main");
				        rd.forward(request, response);
				        return;
					}
					chain.doFilter(request, response);
					return;
				}
			}
		}
		
		if(
				url.indexOf("/login.jsp") > -1 ||
				url.indexOf("/login") > -1 ||
				url.indexOf("/logout") > -1 ||
				url.indexOf("/userLogin") > -1 ||
				url.indexOf("/static") > -1 ||
				url.indexOf("/api") > -1
		){
			chain.doFilter(request, response);
			return;
		}
		RequestDispatcher rd=request.getRequestDispatcher("/system/login");
        rd.forward(request, response);
	}

	public void destroy() {
		
	}

}
